Copy link to clipboard
Copied
Hello, everyone,
I'm trying to use Regular Expressions on the server-side for data validation from a form. I am not using CFFORM, so will not be using the validate attribute of the CFINPUT, etc.
Basically, I've got the form being submit to the server via AJaX, and I'm using CFMatch() to check the input.
The following works (inside CFSCRIPT tags):
zipMask = "^\d{5}(-\d{4|)?$";
if(arrayLen(REmatchNoCase(zipMask,form.zipCode)) eq 0){
return "Zip Code is not in correct format.";
}
So, if a user enters "12345-6789", it's considered valid. If a user enters "12345&8765", it's not.
What isn't working:
coNameMask = "^[A-Za-z0-9]?$";
if(arrayLen(REmatchNoCase(coNameMask,form.companyName)) eq 0){
return "Company Name contains illegal characters.";
}
This will return as an error no matter what I put in the field.
Thoughts, suggestions?
V/r,
^_^
Copy link to clipboard
Copied
Okay.. just ran into a real problem. Just for testing, I entered "<script>" as part of a company name, and instead of catching it, it's listing my directory (the other side of the conditional is to display nothing.)
What is <script> doing to bypass my data validation???
Thank you,
^_^